Homeland Security: Patch Windows Now

The Department of Homeland Security took the unusual step earlier this week of urging Windows users to apply a patch to protect themselves from possible worm attacks. The move was the first time that the department had instructed computer users to apply a security patch.

"Attempts to exploit vulnerabilities in operating systems routinely occur within 24 hours of the release of a security patch," it said in a statement. "This vulnerability could impact government systems, private industry and critical infrastructure, as well as individual and home users."

At issue is Microsoft patch 06-040, which involves a flaw in the Server Service function of Windows. Affecting all versions of the operating system after Windows 2000, a buffer overrun could open up a remote code execution risk that could result in a system takeover.

Various security firms also echoed the DHS' concerns. eEye Digital Security said that exploit code had been found in the wild, and that the vulnerability was being exploited in the wild as a "zero-day" attack. Unpatched systems run the risk of being infected by a worm attack, which is considered imminent, the companies added.

"McAfee supports the warning of the U.S. Department of Homeland Security and re-iterates its position that customers pay particular attention to this vulnerability and update their systems immediately," the security firm said in a news release.

At least one company, eEye, was providing a free vulnerability scanner to test systems for susceptibility to the issue.

The US Computer Emergency Readiness Team is working with Microsoft to minimize impact from the flaw, DHS said. The group also issued an alert through its National Cyber Alert System and informed federal Chief Information Officers and Chief Information Security Officers.

Government agencies have been required to inform the DHS of their patching status.

The US-CERT is recommending that users ensure their antivirus software is installed and up-to-date, and a firewall has been deployed and activated. Additionally, it recommended against opening e-mails and attachments from unknown sources, and it even warned against opening unexpected attachments from trusted contacts.